
Welcome Securing Personal Information


Academic year: 2021


(1)

Welcome

to

Securing Personal Information

Hosted by:

Content by:

Presenter: Ray Cool, CEO, PBSI Technology Solutions

Webinar will begin at 1:00

(2)

Welcome

to

Cybersecurity Education Series

Hosted by Foster & Motley

Content provided by PBSI Technology Solutions

Series Goals

• Educate listeners on how to protect electronic valuables

• Improve knowledge about electronic security

• Provide practical information about what to change and how to do so

Topic Summaries

• Securing Personal Information - Overview (today’s topic)

• Email Security Practices (2 of 4)

• Password Management – Practical Strategies (3 of 4)

• File Encryption, Cloud Security & Public Wi-Fi (4 of 4)

(3)

Securing Personal Information

Fundamentals of securing important electronic information

• Cybersecurity Overview

• Establish protection from the “open” internet

• Secure your PCs, laptops, Macs, phones and other wireless devices

• File encryption and backup

• Email security & principles of secure behavior

• Know if your protection is working – Vulnerability scans & online security monitoring

(4)

PBSI Technology Solutions

“IT Security Specialists”

Technology Services provider for hundreds of clients in the tri-state including Foster & Motley

Experienced – 75% of staff have 10+ years experience w/PBSI

Proactive IT security monitoring for businesses & professionals

Who is PBSI?

(5)

Why do we need protection?

The Internet Today is a Dangerous Place

Increasingly, PCs & Macs are being infected with malware that steals passwords and copies data

New key logging & phishing attacks change constantly – Bad guys are motivated and relentless

Victims are NOT notified (SolarWinds attack) – Keystroke-logging malware may be active on millions of PCs

Email Addresses and Passwords Are For Sale

6.2 Billion emails are available for sale on the Darkweb

1.2 Billion of them include exposed, cracked passwords

Cisco, Microsoft, LinkedIn, Yahoo, Gmail, MySpace, DocuSign, Adobe, Dropbox, Tumblr and MANY others

SolarWinds Orion hack compromises 250+ large orgs - Microsoft, Cisco, US Gov, DOD, DOJ…

(6)

Security Fundamentals

Protect yourself from the “open” internet

Wireless – Use a long password. Free hacker tools can decrypt almost any password given proximity and sufficient time. Proximity includes nearby cars & houses. Best defense for wireless: use a LONG password (12+)

Internet of Things (IoT) – Internet-connected devices: change default passwords and update your firmware (go to the manufacturer's site, find your model, then updates)

Close Open Ports on PCs – Open ports are a big vulnerability and can be used to hijack a PC. PBSI can run a port scan on a home PC or Mac.

Firewall (optional for homes) – Firewall with proper settings (set to “run silent”; intrusion prevention software & settings)

Secure all PCs, Macs & Laptops

Antivirus – This is the last line of defense and MUST be in place on ALL PCs, laptops & Macs

Do not use free antivirus. All antivirus vendors have non-free versions. What is different? (Your data is for sale)

Patch Management – Set all PCs to auto-update all antivirus, Windows, apps & browsers, as close to real time as possible. Once security patches are released, hackers begin probing for old versions immediately. If prompted “Do you want to update?” or “Do you want to reboot?”, the answer is always YES

Vulnerability Scanning – Most antivirus can run a scan. Have you ever seen a scan result? Who is receiving alerts and acting on alerts?

Software Downloads – Be very cautious about downloads. Download from the vendor site. Be very careful of searching for “download <product>”. Highest risks: screen savers; weather apps; coupon sites; free movies online; music & lyric sites; Facebook

Secure your Phones & Tablets

Passwords – Do NOT store saved passwords in browsers if credit card info is stored. Use a password manager

(7)

File Encryption & Backup

Encrypt Important Files “At Rest”

• MS Office - Most files can be encrypted – simply by adding a password

• Password protection = encryption

Encrypt Files or Content Sent Via Email – 3 Choices

• Encrypt the email – Requires purchase of an email encryption tool (option: Virtru for gmail is free)

• Encrypt the attachment(s) - and provide the password to the recipient – using different medium (text or voice)

• Use a secured file sharing site– like Foster & Motley’s ShareFile

Backup Your Documents

• Disasters happen – hardware failures, ransomware attacks, theft, unintended deletions, operating system updates

• Backup principle – Multiple copies, multiple locations (local and cloud backup), automated

Recommendations for Backup

• Automate your backup – This is important – Most backup “disasters” occur due to human timing failure

• Choose a backup product that creates local encrypted backup (ransomware protection), and also cloud backup (redundant, multi-location)

Bottom Line…

(8)

Email Safety & Principles of Secure Behavior

Email Security

• Email safety principle # 1 – Unsolicited vs. Solicited – Be VERY cautious with all unsolicited email, even if you know the sender

• Email safety principle # 2 – Antenna UP – Does anything seem amiss about this email? STOP!

• Email safety principle # 3 – Don’t get your news from email - Beware of current events/product releases received via email.

• Email safety principle # 4 – Careful with Unsubscribe - Scammers use it to confirm your email address. Instead, choose “Junk”, then “Block Sender”

• Email safety principle # 5 – Learn how to evaluate a URL/Domain (web address) for safety

Software Downloads

• No software downloads without CAREFUL consideration

• Most downloaded security risks: Screen savers; weather apps; coupon sites; movie, music and lyric downloads

Web Links – Be VERY Careful

• Do NOT click on links without running through “caution” steps (right-click, copy link address, paste into browser, NO enter key)

• Learn how to evaluate true URL Domain - Starts after first period, ends before first single slash (https://www.example.com/subpath...
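The URL check described above, as an added Python example (not part of the original slides). It generalizes the slide's rule of thumb by reading the host name from its right-hand end, so that a familiar name placed in a subdomain or before an "@" does not mislead; the `true_domain` function, the short suffix list and the sample links are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: a small sample of two-label public suffixes. Real tooling
# uses the full Public Suffix List (publicsuffix.org).
TWO_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}
COMMON_TLDS = {"com", "net", "org"}

def true_domain(link):
    """Return (domain, warnings) for the site a link really leads to."""
    parts = urlsplit(link.strip())
    host = parts.hostname            # lower-cased, without user info or port
    if not host:
        return None, ["no host name found"]
    warnings = []
    if parts.username is not None:
        warnings.append("text before '@' is not the site")
    labels = host.split(".")
    if all(label.isdigit() for label in labels):
        warnings.append("raw IP address instead of a name")
        return host, warnings
    if any(label.startswith("xn--") for label in labels):
        warnings.append("punycode label, may hide lookalike characters")
    suffix_len = 2 if ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES else 1
    keep = suffix_len + 1            # public suffix plus one label
    if COMMON_TLDS & set(labels[:-keep]):
        warnings.append("familiar-looking name buried in the subdomain")
    return ".".join(labels[-keep:]), warnings

# Constructed sample links (reserved example/test names and addresses only).
SAMPLES = [
    "https://www.example.com/subpath",
    "https://shop.example.co.uk/cart",
    "https://www.example.com.account-check.test/login",
    "https://www.example.com@login.test/reset",
    "http://192.0.2.10/update",
]

if __name__ == "__main__":
    for link in SAMPLES:
        domain, warnings = true_domain(link)
        print(f"{link}\n  true domain: {domain}  warnings: {warnings}")
```

The third and fourth samples both show `www.example.com` to the reader, yet neither leads to example.com.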

General Security Principles

• Public Wi-Fi – Never enter login or password when using public Wi-Fi

Password Security – Don’t use “normal” passwords. Use a password manager

(9)

Other Security Recommendations

Protect your Home Devices (IoT – Internet of Things)

Change default passwords! – TVs, Printers, Thermostats, Doorbells, Cameras, Appliances, Alexa…

Update firmware on all devices – Choose “Settings” and update. Or, go to manufacturer website and search “firmware”

Passwords

Don’t reuse identical passwords

Use complex and unique passwords on key financial sites (bank, 401-K, Quicken)

Hang Up on Cold-Calling Tech Support Agents

Called “Vishing” - Microsoft will not call you to see if your computer is running slowly

Beware public Wi-Fi

No passwords on Public Wi-Fi - If logging in w/ password, use a password manager, VPN tool, or use trusted app (Bank app)

Avoid Unfamiliar Sites for free downloads

(10)

Demonstration

Online Security Monitoring

Vulnerability Scanning & Patch Management Monitoring

SentinelOne Ransomware Protection

Data Breach Risk Scanning

Online Backup Monitoring

(11)

Summary - Essentials of Securing Personal Information

Establish protection from the “open” internet

• Use secure passwords to protect your Wi-Fi & IoT (Internet of Things) devices – and keep firmware updated

Secure your Desktops, Laptops & Files

• Antivirus & Malware protection – Use non-free antivirus, auto updated without manual intervention, daily vulnerability scanning w/alerts

• Patch Management - Security issues are frequently related to un-updated software patches

• Automate Your Backup – multi-location, locally encrypted, redundant

Email Security

• 5 principles of secure email evaluation

• Turn on Multifactor Authentication

Password Management

• Don’t use common passwords on multiple sites

• Use a password manager or another secure option

Beware public Wi-Fi

• No passwords on Public Wi-Fi - If logging in with password, use a password manager or VPN tool, or use cellular

Know if your PCs & Macs are secure

• Consider online security monitoring – know if you have sleeping vulnerabilities

Training - Encourage every family member to learn secure behavior

(12)

Webinar Summary

Thank you for your attendance

Thank you to our friends at Foster & Motley

Included Handouts

“IT Security Education – Do’s & Don’ts of IT Security” and “How to evaluate dangerous emails”

How can PBSI help you? - Concierge IT Security Services

Pricing below has been discounted by 25% for Foster & Motley clients

Service and Cost for F&M Client

• Security Risk Assessment and personal security review & training – one-on-one, scheduled during daytime: $325 one time

• Data Breach Risk Scan (finds unencrypted PHI/PII) & Open port scan (up to 3 PCs/Macs): $150 one time

• Online Security Monitoring, Antivirus, Patch Mgmt, Vulnerability Scans (up to 3 PCs/Macs) incl. Risk & Port Scans: $225 / yr up to 3 PCs/Macs

• Online Security Monitoring, Antivirus, Patch Mgmt, Vulnerability Scans (up to 3 PCs/Macs) w/S1 Ransomware Protect: $325 / yr up to 3 PCs/Macs

• Online Backup with redundant local encrypted backup (per PC or Mac): $115 / yr per PC/Mac

• Concierge Security Services – Your own personal security advisor, included at no cost with any of above services: included with any of above

Webinar Follow-up

• Call or email questions, or request free quotation (800) 626-2306 [email protected]

• Speaker contact Ray Cool, CEO (513) 924-3915 [email protected]

Webinar Summary

• Securing Personal Information (today’s topic)

• Email Security Practices Thursday, Feb 11, 1:00

• Password Management Tuesday, Feb 16, 1:00
